Various approaches have been proposed and/or implemented to support roaming users and roaming machines in distributed computer systems. One approach, which is implemented in Novell NetWare 4.1 and later versions and in Novell NDS software, allows users to gain access to multiple servers in a distributed directory tree without logging in and authenticating themselves to each server individually (NOVELL, NETWARE, and NDS are marks of Novell, Inc.). However, a separate account, and separate login and authentication processes, are still required before a user can login to a computer which is not part of the distributed directory tree, even if that computer is in network communication with a computer which is part of the tree.
An other approach, which involves home domains and logon certificates, is described in European Patent Application EP 0 695 985 A1, having priority based on U.S. application Ser. No. 277,144 filed Jul. 18, 1994 ("Logon Certificates Applications"), incorporated herein by reference. Logon certificates support disconnected operation in a distributed system. Each logon certificate is a secure package holding credentials information sufficient to establish the identity and access rights of a principal (a user or a machine) in a domain other than the principal's home domain. Access is enforced through means such as encryption and digital signatures. Logon certificates can be carried by the principal in convenient forms such as on a portable machine or on a floppy disk.
The relationship between a home domain and a distributed directory tree is not clear from the Logon Certificates Applications. The use of logon certificates is presented in the Logon Certificates Applications as an alternative to replicating credentials. Although credentials may be replicated in a distributed directory tree, however, replication is not required. More generally, domains and distributed directory trees differ in the services they provide, the hardware and software they require or allow, and in characteristics such as scalability and fault-tolerance.
However, a home domain and a distributed directory tree each define a context throughout which a given principal has identical access rights. Regardless of the location in the distributed directory tree at which the principal accesses the system, the principal has the same access rights. Similarly, a principal has the same access rights regardless of which location in the home domain is used to access the system. Indeed, if logon certificates are used, the principal will receive the same access rights regardless of whether the access attempt occurs inside the principal's home domain or outside that domain.
Uniformity of access rights simplifies the implementation of authentication methods, but in some situations more flexibility would be beneficial. For instance, a distributed system might contain both a home domain and a directory tree, with each defining a given principal's access rights differently. It would be useful to provide the principal with a straightforward (from the principal's point of view) way to logon and use machines in the domain, machines in the directory tree, or both. Supporting different access rights for a given principal would also reduce the need to rapidly propagate changes to maintain uniform rights, thereby reducing the burden on domain controllers and directory tree administrators. However, such advances would require a distributed system that functions properly when different parts of the system have different access rights for a given principal, without using separate accounts.
Thus, it would be an advancement in the art to support multiple simultaneous access right contexts for a single principal in a distributed system.
It would be an additional advancement to provide such a method and system which is a compatible extension of known distributed directory tree and logon certificate approaches.
Such a method and system are disclosed and claimed herein.